Your message dated Tue, 13 Aug 2013 22:19:20 +0000
with message-id <[email protected]>
and subject line Bug#715157: fixed in sudo 1.8.7-1
has caused the Debian Bug report #715157,
regarding sudo 1.8.7 released
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
715157: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715157
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sudo
Severity: wishlist
--- Begin Message ---
Sudo version 1.8.7 is now available. See the list of major changes
below for details.
Source:
http://www.sudo.ws/sudo/dist/sudo-1.8.7.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.7.tar.gz
Binary packages:
http://www.sudo.ws/sudo/download.html#binary
For a list of download mirror sites, see:
http://www.sudo.ws/sudo/download_mirrors.html
Sudo web site:
http://www.sudo.ws/sudo/
Sudo web site mirrors:
http://www.sudo.ws/sudo/mirrors.html
Major changes between sudo 1.8.7 and 1.8.6p8:
* The non-Unix group plugin is now supported when sudoers data
is stored in LDAP.
* Sudo now uses a workaround for a locale bug on Solaris 11.0
that prevents setuid programs like sudo from fully using locales.
* User messages are now always displayed in the user's locale,
even when the same message is being logged or mailed in a
different locale.
* Log files created by sudo now explicitly have the group set
to group ID 0 rather than relying on BSD group semantics (which
may not be the default).
* A new "exec_background" sudoers option can be used to initially
run the command without read access to the terminal when running
a command in a pseudo-tty. If the command tries to read from
the terminal it will be stopped by the kernel (via SIGTTIN or
SIGTTOU) and sudo will immediately restart it as the forground
process (if possible). This allows sudo to only pass terminal
input to the program if the program actually is expecting it.
Unfortunately, a few poorly-behaved programs (like "su" on most
Linux systems) do not handle SIGTTIN and SIGTTOU properly.
* Sudo now uses an efficient group query to get all the groups
for a user instead of iterating over every record in the group
database on HP-UX and Solaris.
* Sudo now produces better error messages when there is an error
in the sudo.conf file.
* Two new settings have been added to sudo.conf to give the admin
better control of how group database queries are performed. The
"group_source" specifies how the group list for a user will be
determined. Legal values are "static" (use the kernel groups
list), "dynamic" (perform a group database query) and "adaptive"
(only perform a group database query if the kernel list is full).
The "max_groups" setting specifies the maximum number of groups
a user may belong to when performing a group database query.
* The sudo.conf file now supports line continuation by using a
backslash as the last character on the line.
* There is now a standalone sudo.conf manual page.
* Sudo now stores its libexec files in a "sudo" subdirectory instead
of in libexec itself. For backwards compatibility, if the plugin
is not found in the default plugin directory, sudo will check
the parent directory if the default directory ends in "/sudo".
* The sudoers I/O logging plugin now logs the terminal size.
* A new sudoers option "maxseq" can be used to limit the number of
I/O log entries that are stored.
* The "system_group" and "group_file" sudoers group provider plugins
are now installed by default.
* The list output (sudo -l) output from the sudoers plugin is now
less ambiguous when an entry includes different runas users.
The long list output (sudo -ll) for file-based sudoers is now
more consistent with the format of LDAP-based sudoers.
* A uid may now be used in the sudoRunAsUser attributes for LDAP
sudoers.
* Minor plugin API change: the close and version functions are now
optional. If the policy plugin does not provide a close function
and the command is not being run in a new pseudo-tty, sudo may
now execute the command directly instead of in a child process.
* A new sudoers option "pam_session" can be used to disable sudo's
PAM session support.
* On HP-UX systems, sudo will now use the pstat() function to
determine the tty instead of ttyname().
* Turkish translation for sudo and sudoers from translationproject.org.
* Dutch translation for sudo and sudoers from translationproject.org.
* Tivoli Directory Server client libraries may now be used with
HP-UX where libibmldap has a hidden dependency on libCsup.
* The sudoers plugin will now ignore invalid domain names when
checking netgroup membership. Most Linux systems use the string
"(none)" for the NIS-style domain name instead of an empty string.
* New support for specifying a SHA-2 digest along with the command
in sudoers. Supported hash types are sha224, sha256, sha384 and
sha512. See the description of Digest_Spec in the sudoers manual
or the description of sudoCommand in the sudoers.ldap manual for
details.
* The paths to ldap.conf and ldap.secret may now be specified as
arguments to the sudoers plugin in the sudo.conf file.
* Fixed potential false positives in visudo's alias cycle detection.
* Fixed a problem where the time stamp file was being treated
as out of date on Linux systems where the change time on the
pseudo-tty device node can change after it is allocated.
* Sudo now only builds Position Independent Executables (PIE)
by default on Linux systems and verifies that a trivial test
program builds and runs.
* On Solaris 11.1 and higher, sudo binaries will now have the
ASLR tag enabled if supported by the linker.
____________________________________________________________
sudo-announce mailing list <[email protected]>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-announce
--- End Message ---
pgp3LlU7OS6rF.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: sudo
Source-Version: 1.8.7-1
We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bdale Garbee <[email protected]> (supplier of updated sudo package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 14 Aug 2013 00:01:14 +0200
Source: sudo
Binary: sudo sudo-ldap
Architecture: source i386
Version: 1.8.7-1
Distribution: unstable
Urgency: low
Maintainer: Bdale Garbee <[email protected]>
Changed-By: Bdale Garbee <[email protected]>
Description:
sudo - Provide limited super user privileges to specific users
sudo-ldap - Provide limited super user privileges to specific users
Closes: 655879 660594 715157 719574
Changes:
sudo (1.8.7-1) unstable; urgency=low
.
* new upstream version, closes: #715157, #655879
* make sudo-ldap package's init.d script be called sudo-ldap
* add sssd support to sudo, closes: #719574
* recognize lenny, squeeze, and wheezy unmodified sudoers, closes: #660594
Checksums-Sha1:
8be6b9cedaf38d87a31a8b98410b76393e863e78 1883 sudo_1.8.7-1.dsc
748c87b8caa2e513775961cb3330f2a78118f4bf 2027065 sudo_1.8.7.orig.tar.gz
6c91467656b389836dbcaf2224f5738fbb7d33a5 24401 sudo_1.8.7-1.debian.tar.gz
d5492273b51e5bdd7ec73f8e950c88f6d097b87b 752196 sudo_1.8.7-1_i386.deb
c5ff4dbbb59e30eb521b6a30dd84fe977b2a7ef1 770344 sudo-ldap_1.8.7-1_i386.deb
Checksums-Sha256:
d4efbf4e7e0bc87dcf5a4e9cb9b21fccc65cdbe8d3e165e7c43ca5fa69255f9e 1883
sudo_1.8.7-1.dsc
39626cf3d48c4fd5a9139a2627d42bfefac7ce47f470bdba3aeb4e3d7c49566a 2027065
sudo_1.8.7.orig.tar.gz
aa1986ef36203230ee0081852aac20f3094fa64e493043d8b56cbe9de2a6865e 24401
sudo_1.8.7-1.debian.tar.gz
1da3652f36e0d4cbf4506ba5ec54173eb658ba783fb0deee8aa3523da04e7a63 752196
sudo_1.8.7-1_i386.deb
928156d518ee5ba05b5730f7e36000a15bdc572cccbefd2aad4881d86a6f8342 770344
sudo-ldap_1.8.7-1_i386.deb
Files:
56e916bc669f2876f1b9bfa84710b14d 1883 admin optional sudo_1.8.7-1.dsc
a02367090e1dac8d0c1747de1127b6bf 2027065 admin optional sudo_1.8.7.orig.tar.gz
23938ecb0cd0fcec65664867469b8b95 24401 admin optional
sudo_1.8.7-1.debian.tar.gz
1c9bf7c8267d2b297a3d4a3ce8cbae32 752196 admin optional sudo_1.8.7-1_i386.deb
48a097b978a52c68c4cdf2c07dfe82d3 770344 admin optional
sudo-ldap_1.8.7-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIVAwUBUgquKDqTYZbAldlBAQr0WQ//ZDlOutV9pgK6UkoMpI9KX9GjDLGjVMEl
NoDKxIfWWTy9FrELRVFPvPXnTu7FRgEY5kY+w0lCX1UP6vunNsVUruYFhZSbFHni
ms74JJHM7xgHdyjOIkTRDIhHevxRjdhW7MdmLPGpKm4BZiMllfQ3vQ2JaQ0UtjWi
lst31A39c/0s4ust/Fz38iStzfntCc1INVCdebxnw83VCazKoXHMicnmW7lwNTbK
L8BMWH5/SKgrq5gs/Va6LdWGu83SwYCtFzI4KkXaxD+7GN0XsTD92GzyUqTT4UP1
pFo2PYsMRMEt/eca24XUH+m/IyOC5SISiAZ0s663OoH3Ag5kHr9mtD59GieNrfyq
Eq46Ek2CoQjXLOAirPRIGtl/jT2pTwdqOkSSFq7vR+tZC5xXlEha0kNmid3yD4XK
xHtK0Yq7cgTf6ttN4dwz7HXaytc64DP7rFW7Ry79T4Q4rBytlMhJuj3eHizNcFx4
b4D4WJbYZmmU1wHhxi4MDkXjnmIpngi6JL/G+q34Fr2LGF8YZdLfCrJzdUQzwbCY
sn2IlxOSehWKB2UkmabEgtV9w1+pG2Wa+oNzBIIaki+wLEB1EUtHzXcdSOctPBrd
jl0zywQRB6U1CKQ12rzYHrPXESu4Jeh74TJ0htppE4/FexY/ygUHuh2gb6kbnvFu
o0fLqyLIHOs=
=syHY
-----END PGP SIGNATURE-----
--- End Message ---
